According
to an
upcoming report by the U.S.-China Economic and Security
Review Commission, a U.S. Congressional advisory group, a major
Chinese telecom succeeded in effectively hijacking U.S. internet
traffic last year.

Normally web traffic is routed via the
fastest route -- typically through domestic connections. This
principle of the internet has in the past helped to secure domestic
traffic. However, the greater global internet is all connected,
so in theory traffic could be routed abroad through international
connections to foreign routers, returning through yet more
international connections to domestic servers.

Obviously this
kind of routing is a tremendous security risk. And it's
reportedly exactly what happened last year.

U.S. citizens
trying to access government sites, such as the U.S. Senate, the
office of the secretary of defense, NASA, and the Commerce Department
last year had their traffic routed through China Telecom, the third
largest telecommunications company in China and a company whose major
owner is the government of China.

Traffic request for several
major commercial companies were also briefly rerouted, according to
the report.

The rerouting may have been an example of China
testing U.S. web security and gauging the nation's ability to protect
its users' data requests. If that was the case, the U.S.
government failed miserably to protect
its citizens' data.

The report describes, "Evidence
related to this incident does not clearly indicate whether it was
perpetrated intentionally and, if so, to what ends. However, computer
security researchers have noted that the capability could enable
severe malicious activities."

China Telecom did not deny
the incident occurred, but did
deny that it intentionally "hijacked" U.S.
citizens' traffic. A company statement reads, "The
spokesman of China Telecom Corporation Limited denied any hijack of
internet traffic."

Aside from the suspicious
misdirection, the security report found many other troubling clues to
a Chinese hand in cyberattacks and cybercrime committed against U.S.
citizens and corporations.

Among its finding, it found that 28
percent of phishing
scams -- false emails designed to lure users into
accidentally giving up their passwords or personal information --
originated from China. And it adds, "Anecdotal reports
about the success of these activities continue to surface, some with
compelling links to the Chinese government."

The report
also details the theft of the incredibly valuable source code that
runs Google's search engine last year -- a theft which originated in
China. The incident and the ensuing lack of cooperation from
the Chinese government subsequently caused Google to briefly
defy the Chinese government's censorship, before
finally relenting
and recensoring its search. Some suspect that the
attack was perpetrated by China's leading search engine, Baidu, and
suspect that the Chinese search giant may incorporate algorithms from
the code to improve its own search.

Comments

Threshold

Username

Password

remember me

This article is over a month old, voting and posting comments is disabled